On Mon, 2021-01-18 at 13:40 -0800, Ned Freed wrote: > As for the idea of using heuristics, the idea of having an open-ended > suggestion that implementors pick something, anything, for this > purpose is more than a little scary given past experience with the > things people use as spam tests. So absent something more specific I > don't think this is a good idea. Although it is intriguing to think > about various checks and latching schemes and so on. But the siren > song of a hack in the making is kind of the problem, isn't it? I like the idea of reactions in e-mail, but any method of conveying information will be misused by pranksters and spammers, so I think it is useful to think about abuse. point 1: there is no restriction on the number of emojis in your reaction. example: 🧚 🧚🏻 🧚🏼 🧚🏽 🧚🏾 🧚🏿 🧚♂️ 🧚🏻♂️ 🧚🏼♂️ 🧚🏽♂️ 🧚🏾♂️ 🧚🏿♂️ 🧚♀️ 🧚🏻♀️ 🧚🏼♀️ 🧚🏽♀️ 🧚🏾♀️ 🧚🏿♀️ 🧚 🧚🏻 🧚🏼 🧚🏽 🧚🏾 🧚🏿 🧚♂️ 🧚🏻♂️ 🧚🏼♂️ 🧚🏽♂️ 🧚🏾♂️ 🧚🏿♂️ 🧚♀️ 🧚🏻♀️ 🧚🏼♀️ 🧚🏽♀️ 🧚🏾♀️ 🧚🏿♀️ obnoxious? abusive? it certainly would be a challenge to present this in a UI, I think. would the functionality be hampered by specifying a limit on the number of emojis in a single Reaction? or a limit on the number of (distinct) emojin from a single respondent? point 2: although the set of characters with the emoji property generally don't contain letters, there is bound to be creative spammers abusing those available. example: 🐴 🧲 ⭕ ❌ ‼️ (the magnet looks like a C in the font I use.) point 3: since the spam message can be spread across more messages, the filtering is harder. bear in mind the reactions can themselves be to the spammer's own message. point 4: should we disallow reactions coming from the author? -- regards, Kjetil T. -- last-call mailing list last-call@xxxxxxxx https://www.ietf.org/mailman/listinfo/last-call
